OTL logfile created on: 16/02/2013 09:01:52 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Françoise\Mes documents\Téléchargements Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1,50 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 68,34% Memory free 3,35 Gb Paging File | 2,86 Gb Available in Paging File | 85,41% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 50,74 Gb Total Space | 15,38 Gb Free Space | 30,32% Space Free | Partition Type: NTFS Drive D: | 1002,05 Mb Total Space | 853,56 Mb Free Space | 85,18% Space Free | Partition Type: FAT32 Drive I: | 143,04 Gb Total Space | 46,76 Gb Free Space | 32,69% Space Free | Partition Type: NTFS Computer Name: CAVALFAIRE | User Name: Françoise | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\Françoise\Mes documents\Téléchargements\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) PRC - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe (RealNetworks, Inc.) PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe () PRC - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation) PRC - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD) PRC - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies) PRC - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe (Pinnacle Systems) PRC - C:\WINDOWS\system32\slserv.exe ( ) [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe () MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA () MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll () MOD - C:\WINDOWS\system32\pdfcmnnt.dll () [color=#E56717]========== Services (SafeList) ==========[/color] SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe () SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (JavaQuickStarterService) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation) SRV - (Sony PC Companion) -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe (Avanquest Software) SRV - (vsmon) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software) SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies) SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft) SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe () SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.) SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( ) SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (ggsemc) -- system32\DRIVERS\ggsemc.sys File not found DRV - (ggflt) -- system32\DRIVERS\ggflt.sys File not found DRV - (Changer) -- File not found DRV - (catchme) -- C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\catchme.sys File not found DRV - (TrueSight) -- C:\WINDOWS\system32\drivers\TrueSight.sys () DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (massfilter_hs) -- C:\WINDOWS\system32\drivers\massfilter_hs.sys (HandSet Incorporated) DRV - (Vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies) DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft) DRV - (npf) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.) DRV - (RSUSBCCID) -- C:\WINDOWS\system32\drivers\RtsUCcid.sys (Realtek Semiconductor Corp.) DRV - (RtsUIr) -- C:\WINDOWS\system32\drivers\RtsUIr.sys (Realtek Semiconductor Corp.) DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation) DRV - (s1018mdm) -- C:\WINDOWS\system32\drivers\s1018mdm.sys (MCCI Corporation) DRV - (s1018unic) -- C:\WINDOWS\system32\drivers\s1018unic.sys (MCCI Corporation) DRV - (s1018mgmt) -- C:\WINDOWS\system32\drivers\s1018mgmt.sys (MCCI Corporation) DRV - (s1018obex) -- C:\WINDOWS\system32\drivers\s1018obex.sys (MCCI Corporation) DRV - (s1018bus) -- C:\WINDOWS\system32\drivers\s1018bus.sys (MCCI Corporation) DRV - (s1018nd5) -- C:\WINDOWS\system32\drivers\s1018nd5.sys (MCCI Corporation) DRV - (s1018mdfl) -- C:\WINDOWS\system32\drivers\s1018mdfl.sys (MCCI Corporation) DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications) DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices) DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\recagent.sys (Smart Link) DRV - (M2500) -- C:\WINDOWS\system32\drivers\M2500.sys (Ralink Technology Inc.) DRV - (vobiw) -- C:\WINDOWS\System32\drivers\vobIW.sys (Pinnacle Systems GmbH) DRV - (cdrdrv) -- C:\WINDOWS\system32\drivers\Cdrdrv.sys (Pinnacle Systems GmbH) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (alcan5wn) -- C:\WINDOWS\system32\drivers\alcan5wn.sys (THOMSON) DRV - (alcaudsl) -- C:\WINDOWS\system32\drivers\alcaudsl.sys (THOMSON) DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.) DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.) DRV - (ASAPIW2K) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (Pinnacle Systems GmbH) DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd) DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( ) DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( ) DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( ) DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( ) DRV - (VOBID) -- C:\WINDOWS\system32\drivers\vobid.sys (Pinnacle Systems) DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( ) DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Vireo Software) DRV - (vobcom) -- C:\WINDOWS\System32\drivers\vobcom.sys (VOB Computersysteme GmbH) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{67950089-9EE3-4B88-8212-C90FC732DB19}: "URL" = http://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = http://www.bing.com/search?q={searchTerms}&mkt=fr-FR&form=MIMWA5 IE - HKCU\..\SearchScopes\{A18520B0-9FEE-4954-B56E-743438D50E91}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10264&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGV&apn_dtid=^YYYYYY^YY^FR&apn_uid=4b62c547-7e07-44f2-b85a-3360df36f9b2&apn_sauid=E63260DA-C09C-45F9-B61A-D12770485DBC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..extensions.enabledAddons: %7B34712C68-7391-4c47-94F3-8F88D49AD632%7D:1.3.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Documents and Settings\Françoise\Local Settings\Application Data\Citrix\Plugins\92\npappdetector.dll (Citrix Online) FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\BrowserPlusPlugins\79a16dbeb98784ad06a2e79f420bc4ff\npybrowserplus_2.9.8.dll (Yahoo! Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/09/17 13:51:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/12/29 09:40:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/06 09:17:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/06 09:17:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/08 21:46:22 | 000,000,000 | ---D | M] [2012/01/15 03:22:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Françoise\Application Data\Mozilla\Extensions [2012/01/15 03:22:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Françoise\Application Data\Mozilla\Extensions\home2@tomtom.com [2013/02/06 09:16:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/02/06 09:16:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/12/29 09:40:04 | 000,000,000 | ---D | M] (RealDownloader) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT [2013/02/06 09:17:18 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2008/06/19 19:46:24 | 000,118,784 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\MyCamera.dll [2008/06/19 19:46:24 | 000,053,248 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\NPCIG.dll [2012/12/29 09:39:16 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013/01/10 21:54:14 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2012/09/08 11:07:47 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/12/05 17:10:58 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2013/01/10 21:54:13 | 000,001,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2013/01/10 21:54:13 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2012/12/05 17:10:57 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/12/08 09:22:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe () O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [InstantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe (Pinnacle Systems) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Françoise\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1318403681124 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341728693656 (MUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6ED60A22-EA51-4FF4-A569-EF35BB0C0453}: DhcpNameServer = 192.168.0.254 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Françoise\Application Data\Mozilla\Firefox\Fond d'écran.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Françoise\Application Data\Mozilla\Firefox\Fond d'écran.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/10/12 06:37:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011/11/20 20:36:09 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011/11/20 20:36:14 | 000,000,000 | R--D | M] - D:\Autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2010/05/29 06:03:05 | 000,000,000 | ---D | M] - I:\autorun.doc -- [ NTFS ] O32 - AutoRun File - [2011/11/20 20:36:14 | 000,000,000 | R--D | M] - I:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^Françoise^Menu Démarrer^Programmes^Démarrage^Dropbox.lnk - C:\Documents and Settings\Françoise\Application Data\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.) MsConfig - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig - StartUpReg: [b]CanonMyPrinter[/b] - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) MsConfig - StartUpReg: [b]InstantTray[/b] - hkey= - key= - C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe (Pinnacle Systems) MsConfig - StartUpReg: [b]PinnacleDriverCheck[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Screenpresso[/b] - hkey= - key= - C:\Documents and Settings\Françoise\Local Settings\Application Data\Learnpulse\Screenpresso\Screenpresso.exe (Learnpulse) MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]Sony Ericsson PC Companion[/b] - hkey= - key= - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {969B3B70-8765-11D5-9809-0050BACBF861} - rundll32.exe advpack.dll,LaunchINFSection C:\Program Files\CyberLink\MP3PowerEncoder\Cyber.inf,PerUserStub ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\MP3PowerEncoder\CLMP3Enc.ACM (CyberLink Corp.) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.) Drivers32: vidc.I420 - C:\WINDOWS\System32\vdrcodec.dll (Pinnacle Systems) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.spv1 - C:\Documents and Settings\Françoise\Local Settings\Application Data\Learnpulse\Screenpresso\ScreenpressoCodec.dll (LearnPulse) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin CREATERESTOREPOINT Restore point Set: OTL Restore Point [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/02/13 16:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Françoise\Bureau\RK_Quarantine [2013/02/10 14:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Subliminal Visuel Concentration [2013/02/10 14:10:17 | 000,000,000 | ---D | C] -- C:\Program Files\Subliminal Visuel Concentration [2013/02/07 09:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Françoise\Bureau\Kevin Trudeau [2013/02/06 09:16:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/02/02 08:07:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Françoise\Recent [2013/01/29 14:47:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Françoise\Menu Démarrer\Programmes\FANTAZIORKA [2013/01/29 14:47:10 | 000,000,000 | ---D | C] -- C:\Program Files\FANTAZIORKA [2013/01/26 18:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Françoise\AppData [2013/01/20 09:57:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes [2013/01/20 09:55:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013/01/20 09:54:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2011/10/24 19:11:08 | 003,623,592 | ---- | C] (Ask) -- C:\Program Files\Fichiers communs\ApnToolbarInstaller.exe [2011/10/24 19:11:08 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Fichiers communs\ApnStub.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/02/16 09:04:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2013/02/16 08:51:01 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/02/16 07:15:58 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1220945662-1897051121-839522115-1004.job [2013/02/16 07:15:39 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1220945662-1897051121-839522115-1004.job [2013/02/16 07:15:37 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1220945662-1897051121-839522115-1004.job [2013/02/16 07:11:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/02/16 07:08:20 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1220945662-1897051121-839522115-1004.job [2013/02/15 02:35:25 | 000,435,934 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\85379058exercices-d-expansion-de-la-conscience-gg-31-jours-pdf.pdf [2013/02/15 02:32:00 | 000,280,279 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\2012-01-31_Combinaisons-chiffrées_vers-courte.pdf [2013/02/14 22:18:01 | 000,003,922 | ---- | M] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_02_14 22_18.rtf [2013/02/14 16:22:33 | 000,015,616 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys [2013/02/14 07:10:26 | 000,013,700 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/02/13 13:43:08 | 000,043,217 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Virement M Vermeylen.pdf [2013/02/12 22:12:49 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Subliminal Visuel Concentration.lnk [2013/02/12 21:30:09 | 000,092,672 | ---- | M] () -- C:\Documents and Settings\Françoise\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/02/12 10:14:57 | 000,045,196 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\alimentation jesus.jpg [2013/02/11 23:59:13 | 000,557,078 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2013/02/11 23:59:13 | 000,108,770 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2013/02/11 23:59:12 | 000,480,984 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/02/11 23:59:12 | 000,088,690 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/02/11 23:54:41 | 000,056,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat [2013/02/11 23:39:41 | 000,071,980 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\20130209 Soirée Nicole Fraysse.jpg [2013/02/09 16:00:02 | 000,814,294 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Vivre Cru bruxelles1.pdf [2013/02/08 13:51:29 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/02/08 13:51:28 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013/02/07 22:10:28 | 000,003,050 | ---- | M] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_02_07 22_10.rtf [2013/02/07 09:24:48 | 002,049,024 | ---- | M] () -- C:\Documents and Settings\Françoise\Mes documents\Outlook.pst [2013/02/06 19:05:55 | 000,091,114 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Langue Aspects.jpg [2013/02/06 15:19:40 | 000,000,484 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\NEWAYS.lnk [2013/02/05 09:37:54 | 000,075,362 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Régénère Invit Suisse.jpg [2013/02/03 08:47:34 | 000,922,185 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\flyer imprimable Danses Scarées Lille mars 2013.pdf [2013/01/31 22:19:37 | 000,003,492 | ---- | M] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_01_31 22_19.rtf [2013/01/31 12:36:02 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1220945662-1897051121-839522115-1004.job [2013/01/30 17:12:31 | 000,070,915 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Additifs alimentaires.jpg [2013/01/29 14:47:17 | 000,001,048 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Mandala-Crystal-VL.lnk [2013/01/24 21:51:59 | 000,001,280 | ---- | M] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_01_24 21_51.rtf [2013/01/22 08:41:05 | 001,136,499 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\S Campagnie stages de jeûne 2013-1.pdf [2013/01/20 10:45:02 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\Françoise\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk [2013/01/19 08:56:28 | 000,014,228 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie dessus pied.jpg [2013/01/19 08:56:08 | 000,034,495 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie côtés pieds.jpg [2013/01/19 08:55:37 | 000,032,448 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie Plantes pieds.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/02/16 09:04:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2013/02/15 02:35:24 | 000,435,934 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\85379058exercices-d-expansion-de-la-conscience-gg-31-jours-pdf.pdf [2013/02/15 02:31:59 | 000,280,279 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\2012-01-31_Combinaisons-chiffrées_vers-courte.pdf [2013/02/14 22:18:01 | 000,003,922 | ---- | C] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_02_14 22_18.rtf [2013/02/14 07:16:39 | 000,015,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys [2013/02/13 13:43:08 | 000,043,217 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Virement M Vermeylen.pdf [2013/02/12 22:12:49 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Subliminal Visuel Concentration.lnk [2013/02/12 10:14:55 | 000,045,196 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\alimentation jesus.jpg [2013/02/11 23:54:41 | 000,056,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2013/02/11 23:39:39 | 000,071,980 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\20130209 Soirée Nicole Fraysse.jpg [2013/02/11 05:23:29 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1220945662-1897051121-839522115-1004.job [2013/02/09 16:00:02 | 000,814,294 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Vivre Cru bruxelles1.pdf [2013/02/07 22:10:28 | 000,003,050 | ---- | C] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_02_07 22_10.rtf [2013/02/06 19:05:53 | 000,091,114 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Langue Aspects.jpg [2013/02/06 15:33:47 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1220945662-1897051121-839522115-1004.job [2013/02/06 15:19:40 | 000,000,484 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\NEWAYS.lnk [2013/02/05 09:37:52 | 000,075,362 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Régénère Invit Suisse.jpg [2013/02/03 08:47:34 | 000,922,185 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\flyer imprimable Danses Scarées Lille mars 2013.pdf [2013/01/31 22:19:37 | 000,003,492 | ---- | C] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_01_31 22_19.rtf [2013/01/30 17:12:29 | 000,070,915 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Additifs alimentaires.jpg [2013/01/29 14:47:17 | 000,001,048 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Mandala-Crystal-VL.lnk [2013/01/24 21:51:59 | 000,001,280 | ---- | C] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_01_24 21_51.rtf [2013/01/22 08:41:05 | 001,136,499 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\S Campagnie stages de jeûne 2013-1.pdf [2013/01/20 10:45:02 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\Françoise\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk [2013/01/19 08:56:27 | 000,014,228 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie dessus pied.jpg [2013/01/19 08:56:07 | 000,034,495 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie côtés pieds.jpg [2013/01/19 08:55:36 | 000,032,448 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie Plantes pieds.jpg [2012/10/09 22:21:21 | 000,000,912 | ---- | C] () -- C:\Documents and Settings\Françoise\.recently-used.xbel [2012/09/17 21:27:01 | 000,373,432 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2012/08/08 17:57:36 | 000,038,506 | ---- | C] () -- C:\Documents and Settings\Françoise\Application Data\Valeurs séparées par des virgules (Windows).ADR [2012/08/06 18:13:17 | 000,038,484 | ---- | C] () -- C:\Documents and Settings\Françoise\Application Data\Microsoft Excel.ADR [2012/08/06 17:31:37 | 000,027,226 | ---- | C] () -- C:\Documents and Settings\Françoise\Application Data\Carnet d'adresses personnel.ADR [2012/07/30 19:11:21 | 000,584,584 | ---- | C] () -- C:\WINDOWS\adb.exe [2012/07/25 19:27:52 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Françoise\g2mdlhlpx.exe [2012/03/09 07:38:19 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2012/03/06 09:11:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/01/28 16:00:26 | 000,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini [2012/01/07 13:43:36 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/10/24 19:11:13 | 000,444,283 | ---- | C] () -- C:\Program Files\Fichiers communs\WinPcapNmap.exe [2011/10/17 11:17:21 | 000,092,672 | ---- | C] () -- C:\Documents and Settings\Françoise\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/10/15 07:22:46 | 000,038,604 | ---- | C] () -- C:\Documents and Settings\Françoise\Application Data\wklnhst.dat [2011/10/13 21:10:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI [2011/10/13 21:07:46 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS71.DLL [2011/10/12 17:35:36 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011/10/12 13:07:49 | 000,075,776 | ---- | C] () -- C:\WINDOWS\SendToClip.exe [2011/10/12 09:53:40 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2011/10/12 09:41:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011/10/12 08:30:43 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll [2011/10/12 08:30:43 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\slmh.exe [2011/10/12 08:30:43 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\minirec.exe [2011/10/12 08:30:43 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll [2011/10/12 08:30:43 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll [2011/10/12 08:30:43 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SmCfg.exe [2011/10/12 08:30:43 | 000,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys [2011/10/12 08:27:05 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2011/10/12 08:05:33 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll [2011/10/12 07:26:47 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011/10/12 07:25:34 | 000,346,608 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/10/12 06:59:22 | 000,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2011/10/12 06:59:21 | 001,301,704 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2011/10/12 06:59:21 | 000,548,888 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys [2011/10/12 06:59:21 | 000,167,352 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2011/10/12 06:59:21 | 000,086,512 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys [2011/10/12 06:59:16 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll [2011/10/12 06:59:16 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll [2011/10/12 06:59:15 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\slserv.exe [2011/10/12 06:59:13 | 000,024,576 | ---- | C] () -- C:\WINDOWS\slrundll.exe [2011/10/12 06:39:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011/10/12 06:35:07 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2011/10/12 12:48:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\System32\shdocvw.dll -- [2008/04/14 03:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/14 03:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] Invalid Environment Variable: alluserprofile Invalid Environment Variable: alluserprofile [color=#A23BEC]< %appdata%\*. >[/color] [2012/04/05 06:14:11 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Françoise\Application Data\.# [2011/10/21 13:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Adobe [2012/09/08 18:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Apple Computer [2011/10/12 09:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Avira [2012/09/25 06:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Canon [2012/03/06 07:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\CheckPoint [2013/01/23 07:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\cronometer [2011/10/13 21:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\CyberLink [2011/12/19 09:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\DAEMON Tools Lite [2012/09/12 23:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Dropbox [2013/02/06 16:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\dvdcss [2012/01/15 05:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Foxit Software [2011/10/12 09:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\FreeAudioPack [2011/10/12 23:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Help [2011/10/12 06:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Identities [2012/10/10 07:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\inkscape [2011/10/12 11:45:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Macromedia [2011/10/12 12:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Malwarebytes [2012/07/26 03:14:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Françoise\Application Data\Microsoft [2011/10/12 09:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Mozilla [2012/08/18 08:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\MyPhoneExplorer [2012/07/18 09:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Oracle [2011/12/26 18:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\PhotoFiltre [2013/02/07 08:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Real [2012/12/29 09:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\RealNetworks [2012/08/06 05:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Skype [2011/12/21 06:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Sony [2011/10/19 05:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Sun [2012/01/20 09:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Thunderbird [2012/01/15 03:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\TomTom [2012/01/17 14:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\TuneUp Software [2012/02/01 21:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\VDownloader [2013/02/13 13:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\vlc [2013/01/20 08:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\WindSolutions [2011/10/12 13:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\WinRAR [2012/10/10 06:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Xilisoft [2012/03/20 07:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Yahoo! [color=#A23BEC]< %appdata%\*.exe /s >[/color] [2012/06/14 03:08:56 | 027,595,032 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Françoise\Application Data\Dropbox\bin\Dropbox.exe [2012/06/14 03:09:00 | 000,874,440 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Françoise\Application Data\Dropbox\bin\DropboxUpdateHelper.exe [2012/06/14 03:09:06 | 000,181,776 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Françoise\Application Data\Dropbox\bin\Uninstall.exe [2011/12/04 21:01:46 | 000,086,576 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Françoise\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe [2011/12/04 21:01:46 | 000,132,672 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Françoise\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe [2012/09/08 16:51:43 | 007,860,520 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTrans.exe [2013/01/19 21:34:15 | 004,279,440 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe [2013/01/19 21:37:21 | 008,488,168 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe [2013/01/20 08:07:08 | 007,955,968 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTransPhoto.exe [2012/02/01 14:35:35 | 003,712,288 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.340_FR.exe [2012/09/08 16:46:10 | 004,156,736 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.360_FR.exe [2013/01/19 21:33:46 | 004,279,440 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.370_FR.exe [2013/01/20 01:05:24 | 005,509,352 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\iCloner.exe [color=#A23BEC]< %systemdrive%\*. >[/color] [2011/11/20 20:36:09 | 000,000,000 | R--D | M] -- C:\Autorun.inf [2011/10/13 21:07:32 | 000,000,000 | -H-D | M] -- C:\BJPrinter [2011/12/05 14:33:28 | 000,000,000 | ---D | M] -- C:\BrowserPlusPlugins [2011/12/08 09:10:56 | 000,000,000 | RHSD | M] -- C:\cmdcons [2013/01/20 09:57:57 | 000,000,000 | ---D | M] -- C:\Config.Msi [2012/03/08 06:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings [2012/08/08 05:10:15 | 000,000,000 | RH-D | M] -- C:\MSOCache [2013/02/10 14:10:17 | 000,000,000 | ---D | M] -- C:\Program Files [2012/04/16 18:43:53 | 000,000,000 | ---D | M] -- C:\ProgramData [2012/03/08 07:04:01 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2011/10/12 11:00:45 | 000,000,000 | ---D | M] -- C:\ST_NG_SetupWizard [2011/12/16 06:49:55 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2013/02/14 16:14:10 | 000,000,000 | ---D | M] -- C:\WINDOWS [color=#A23BEC]< %systemdrive%\*.exe >[/color] [color=#A23BEC]< %programfiles%\*. >[/color] [2012/08/03 19:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\ABC Amber vCard Converter [2011/10/21 07:32:04 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2013/01/03 16:25:08 | 000,000,000 | ---D | M] -- C:\Program Files\adslTV [2012/05/31 04:58:38 | 000,000,000 | ---D | M] -- C:\Program Files\Amazon [2012/03/07 13:25:57 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update [2011/10/15 21:12:29 | 000,000,000 | ---D | M] -- C:\Program Files\Avanquest update [2012/12/17 07:36:46 | 000,000,000 | ---D | M] -- C:\Program Files\Avira [2012/09/08 17:42:24 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour [2011/10/13 21:18:21 | 000,000,000 | ---D | M] -- C:\Program Files\Canon [2011/10/13 20:53:43 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ [2013/02/02 06:20:17 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner [2012/03/06 07:16:57 | 000,000,000 | ---D | M] -- C:\Program Files\CheckPoint [2012/12/29 09:46:48 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix [2011/10/12 06:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications [2012/11/18 18:23:49 | 000,000,000 | ---D | M] -- C:\Program Files\CRON-O-METER [2011/10/14 16:39:31 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink [2011/10/13 21:40:40 | 000,000,000 | ---D | M] -- C:\Program Files\DivX [2012/06/26 13:01:57 | 000,000,000 | ---D | M] -- C:\Program Files\Dropbox [2012/01/16 09:12:42 | 000,000,000 | ---D | M] -- C:\Program Files\ESET [2013/01/29 14:47:10 | 000,000,000 | ---D | M] -- C:\Program Files\FANTAZIORKA [2012/12/29 09:39:35 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs [2011/10/12 09:53:46 | 000,000,000 | ---D | M] -- C:\Program Files\Free Audio Pack [2011/10/17 17:33:31 | 000,000,000 | ---D | M] -- C:\Program Files\Free PDF to Word Converter [2012/07/01 19:28:18 | 000,000,000 | ---D | M] -- C:\Program Files\Google [2012/07/30 19:11:39 | 000,000,000 | ---D | M] -- C:\Program Files\Handset USB Driver [2012/04/25 05:50:38 | 000,000,000 | ---D | M] -- C:\Program Files\HeartMath [2013/02/13 23:33:56 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2012/07/08 10:11:00 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2013/01/20 09:55:07 | 000,000,000 | ---D | M] -- C:\Program Files\iPod [2013/01/20 09:56:54 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes [2012/07/18 09:06:58 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2011/10/12 10:54:06 | 000,000,000 | ---D | M] -- C:\Program Files\ma-config.com [2013/01/17 07:49:05 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/10/12 06:38:07 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage [2011/10/16 08:18:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Keyboard Layout Creator 1.4 [2012/10/07 19:09:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2012/07/08 10:10:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight [2012/08/08 05:51:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server [2012/08/08 13:41:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works [2011/10/15 07:07:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works Suite 2004 [2012/08/08 05:18:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET [2011/10/20 17:58:42 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2011/10/12 09:41:57 | 000,000,000 | ---D | M] -- C:\Program Files\MozBackup [2013/02/15 07:49:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2013/02/06 15:31:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service [2013/01/09 07:33:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird [2011/10/12 17:25:57 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2012/10/07 19:08:10 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache [2011/10/20 17:04:10 | 000,000,000 | ---D | M] -- C:\Program Files\msn [2011/10/12 06:34:00 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone [2011/10/14 06:42:33 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0 [2011/10/12 17:22:00 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0 [2012/08/17 22:51:42 | 000,000,000 | ---D | M] -- C:\Program Files\MyPhoneExplorer [2012/01/18 18:14:33 | 000,000,000 | ---D | M] -- C:\Program Files\MyTomTom 3 [2011/10/20 16:59:17 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting [2012/10/10 07:16:48 | 000,000,000 | ---D | M] -- C:\Program Files\office Convert Pdf to PowerPoint for ppt Free [2011/10/12 12:53:18 | 000,000,000 | ---D | M] -- C:\Program Files\OpenXML-ODF Translator [2012/07/18 09:08:34 | 000,000,000 | ---D | M] -- C:\Program Files\Oracle [2011/10/20 18:05:59 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express [2012/03/09 07:38:32 | 000,000,000 | ---D | M] -- C:\Program Files\PDFCreator [2011/12/26 18:46:38 | 000,000,000 | ---D | M] -- C:\Program Files\PhotoFiltre [2011/10/13 20:31:50 | 000,000,000 | ---D | M] -- C:\Program Files\Pinnacle [2012/04/05 06:10:55 | 000,000,000 | ---D | M] -- C:\Program Files\Quantum Intech [2012/03/07 13:27:39 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2012/12/29 09:39:43 | 000,000,000 | ---D | M] -- C:\Program Files\Real [2012/12/29 09:40:04 | 000,000,000 | ---D | M] -- C:\Program Files\RealNetworks [2012/08/05 09:31:09 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek [2012/12/17 14:29:02 | 000,000,000 | ---D | M] -- C:\Program Files\Recuva [2011/10/12 17:25:41 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2011/11/28 20:12:14 | 000,000,000 | ---D | M] -- C:\Program Files\Secunia [2011/10/12 13:07:50 | 000,000,000 | ---D | M] -- C:\Program Files\Send To Toys [2011/10/12 06:34:12 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne [2011/10/14 23:23:53 | 000,000,000 | ---D | M] -- C:\Program Files\SIW [2012/07/25 23:02:40 | 000,000,000 | R--D | M] -- C:\Program Files\Skype [2012/08/01 14:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Sony [2013/01/20 00:11:28 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Ericsson [2011/12/21 06:33:23 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Media Go Install [2013/02/12 22:12:49 | 000,000,000 | ---D | M] -- C:\Program Files\Subliminal Visuel Concentration [2012/01/18 18:14:39 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V [2012/03/20 07:50:25 | 000,000,000 | ---D | M] -- C:\Program Files\trend micro [2011/11/28 21:50:54 | 000,000,000 | ---D | M] -- C:\Program Files\TubeMaster++ [2012/01/17 14:47:23 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2012 [2012/08/08 05:55:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information [2013/01/09 13:19:57 | 000,000,000 | ---D | M] -- C:\Program Files\VDownloader [2011/10/12 09:58:39 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2011/11/28 21:51:26 | 000,000,000 | ---D | M] -- C:\Program Files\VlcPlus [2012/01/16 22:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2 [2012/01/16 23:00:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2011/10/20 16:59:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2011/10/12 06:34:12 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate [2011/10/24 19:11:15 | 000,000,000 | ---D | M] -- C:\Program Files\WinPcap [2011/10/12 13:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR [2011/10/12 06:38:07 | 000,000,000 | ---D | M] -- C:\Program Files\xerox [2012/10/10 06:58:29 | 000,000,000 | ---D | M] -- C:\Program Files\Xilisoft [2011/12/05 14:32:54 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo! [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2007/06/13 14:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ERDNT\cache\explorer.exe [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ERDNT\cache\netlogon.dll [2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [2009/02/06 19:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009/02/06 19:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ERDNT\cache\userinit.exe [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe < End of report >